User Blogs

From Network World: "As enterprises approach a high level of maturity in their IT governance, risk and compliance (GRC) programs, they face a conundrum: How can they effectively implement and manage policies and their supporting controls to maintain a strong risk posture? To add to the difficulty, the environments they manage are often widely distributed and subject to multiple regulatory requirements and internal audit requirements, and must adapt to changing business needs. GRC tools are designed to help.

"It's mostly about the maturity of the organization," says Paul Proctor, vice president of security and risk management at Gartner. "Are you ready for a more formalized and automated way of tracking controls? If you have your act together, you should be looking at this."